News has emerged that hackers are sending ransomware-infected emails directly to head teachers after posing as officials from the Department of Education. The cyber criminals have been gaining email addresses by calling schools and offering exam guidance or mental health assessments. The ransom is believed to be up to £8,000. Fraser Kyne, EMEA CTO at Bromium, commented below.

Fraser Kyne, EMEA CTO at Bromium:

“We’ve seen attacks like this becoming increasingly commonplace and they will continue to be unless we completely change our approach to security. Once again, hackers have preyed on the weakest link in security – the end-user – but this is not where the fault lies. It’s unfair to expect busy teachers to be able to tell the difference between an email from the Department of Education and these sophisticated mimics.

“Hackers are clever and convincing con artists, yet the industry continues to try and convince us that they can be defeated through detection tools and user education. As we can see from the rise in such attacks, this approach is neither realistic nor effective. It’s not right to make end-users take responsibility for security. Instead, they should be able to click and download to their heart’s content without fear of accidentally infecting the network and causing harm. Virtualised security enables just that; as every workload is completed in a disposable, isolated environment, there is no way that hackers can steal, encrypt or access anything useful.”